Tor browser in linu...
 
Notifications
Clear all

Tor browser in linux

3 Posts
2 Users
0 Likes
813 Views
(@jmundy)
Posts: 25
Eminent Member
Topic starter
 

TBB is designed to 'avoid the disk' but I`ve read that this isn't always the case. If a suspect had downloaded TBB onto a Linux OS and ran it a few times, would it be possible to recover any helpful artefacts about their usage of TBB? Thanks

 
Posted : 09/11/2019 10:57 am
(@d1m4g3r)
Posts: 28
Eminent Member
 

I would love to do the write up to answer your question, bit someone already beat me to it. Here's a very nice article covering Forensic examination of Tor on Linux. https://blog.torproject.org/forensic-analysis-tor-linux

 
Posted : 10/11/2019 9:45 pm
(@jmundy)
Posts: 25
Eminent Member
Topic starter
 

Thanks Soviet. That work is interesting but from 6 years ago. The more recent papers I've read seem to say very little is written to disk although RAM can offer more of note. Do you have any hands on experience in relation to my query?

 
Posted : 10/11/2019 10:17 pm
Share: